What (if any) measures do people here take to prevent their IP addresses from being recorded when scanning (using nmap or Nessus or equivalents) or making connections to the target machines (via Metasploit)?

The obvious option is to use a VPN. My traffic in Wireshark with a PPTP VPN on wlan0 and ppp0 looks secure (there are no connections between my actual IP nd the target machine).